Analyzing TCP Traffic Patterns Using Self Organizing Maps

Author

  • Stefano Zanero
Abstract

The continuous evolution of the attacks against computer networks has given renewed strength to research on anomaly based Intrusion Detection Systems, capable of automatically detecting anomalous deviations in the behavior of a computer system. While data mining and learning techniques have been successfully applied in host-based intrusion detection, network-based applications are more difficult, for a variety of reasons, the first being the curse of dimensionality. We have proposed a novel architecture which implements a network-based anomaly detection system using unsupervised learning algorithms. In this paper we describe how the pattern recognition features of a Self Organizing Map algorithm can be used for Intrusion Detection purposes on the payload of TCP


Similar resources

Visualization of the Packet Flows using Self Organizing Maps

Recently, the spread of the Internet makes familiar to the incident concerning the Internet, such as a DoS attack and a DDoS attack. Some methods which detect the abnormal traffics in the network using the information from headers and payloads of IP-packets transmitted in the networks are proposed. In this research, the method for the analysis of the flow of IP packet based on SOM (Self-Organiz...

Steel Consumption Forecasting Using Nonlinear Pattern Recognition Model Based on Self-Organizing Maps

Steel consumption is a critical factor affecting pricing decisions and a key element to achieve sustainable industrial development. Forecasting future trends of steel consumption based on analysis of nonlinear patterns using artificial intelligence (AI) techniques is the main purpose of this paper. Because there are several features affecting target variable which make the analysis of relations...

Detecting Anomalous Network Traffic with Self-organizing Maps

Integrated Network-Based Ohio University Network Detective Service (INBOUNDS) is a network based intrusion detection system being developed at Ohio University. The Anomalous Network-Traffic Detection with Self Organizing Maps (ANDSOM) module for INBOUNDS detects anomalous network traffic based on the Self-Organizing Map algorithm. Each network connection is characterized by six parameters and s...

The pattern determination of sea surface temperature distribution and chlorophyll a in the Southern Caspian Sea using SOM Model

Remote sensing has changed modern oceanography by providing synoptic periodic data which can be processed. Since the satellite data are usually too much and nonlinear, in most cases, it is difficult to distinguish the patterns from these images. In fact, SOM (Self-Organizing Maps) model is a type of ANN (Artificial Neural Network) that has the ability to distinguish the efficient patterns from th...

An Eye on Network Intruder-Administrator Shootouts

Carefully logging network activity is essential to meet the requirements of high security and optimal resource availability. However, detecting break-in attempts within this activity is a difficult task. Making the distinction between misuse and normal use is hard, and identifying intrusions that use novel attacks is fundamentally difficult. In this paper, we introduce a visual approach for ana...

Publication date: 2005